General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 666 Views
  • 0 replies
  • 0 Likes

VPN tunnel config question

I'm running PANOS 4.0.13.  Can I set up a tunnel where the peer IP is 1.1.1.1 and the remote proxy id is the same IP as the peer?  I think I tried this before on an earlier release and it didn't work, so I had to NAT.  Thanks!

iguarino by L0 Member
  • 2182 Views
  • 2 replies
  • 0 Likes

OCSP query

Hi,

We are implementing a SSL-VPN solution using Global Protect and our own CA. From what I have seen the OCSP queries are made on demand, when the certificate is presented for the first time, and then at a fixed interval(60 minutes). I tried changing

...

sslvpn 4.0.x issue

Hi,

When configuring sslvpn we tried to use an Adsl modem which makes its public 1.1.1.1 NAT 443 to a local ip 172.16.2.1

this ip is PaloAlto's L3 interface.Default gateway of PaloAlto is 172.16.2.2 which is modem.

People can access to internet from Pal

...

panos by L6 Presenter
  • 2792 Views
  • 4 replies
  • 0 Likes

Resolved! Blocking files by URL Category and Zone direction

Hello,

I currently have a security rule that blocks the downloads of ".exe" files from the "unknown" URL category (which sits above my general Internet/WildFire Forward rule).  It works extremely well in dropping a huge amount of the garbage out there

...

CRHC by L4 Transporter
  • 2838 Views
  • 2 replies
  • 0 Likes

Days needed for Palo Alto subscription to release

Hi All,

Our palo alto subscription currently near the end of subscription expiration date.

We've ask quotation for the new license from PaloAlto distributor, and based on information from the distributor it will take 4 - 6 weeks for new subscription to

...

Resolved! Wildfire report

I like wildfire, but I think the web frontend must be more elaborated.

I'd like to customize and export reports to text to obtain statistics about ip origins, filenames, ...

aojea by Not applicable
  • 2109 Views
  • 1 replies
  • 0 Likes

Resolved! url filtering update error

Hi,

I searched about this but couldn't find anything to solve an issue about upgrade brightcloud databese.

On dashboard version is 0

First installation and we get error.

On the pcap we see

HTTP/1.1 401 Unauthorized

Transfer-Encoding: chunked

Server: Microso

...

panos by L6 Presenter
  • 6841 Views
  • 12 replies
  • 0 Likes

Best Practices Agent configuration of many DC

Hi all,

There are 18 seperate Domain Controllers on different cities.using 2 user id agent with all DC's make very high traffic between these sites and affect voip packets.When we disable the agent we saw that this is the issue.So how can we configure

...

panos by L6 Presenter
  • 2187 Views
  • 2 replies
  • 0 Likes

PA200 replacement fan

Aside from an RMA on the whole box, what can be done about a noisy PA200 fan (without getting a void warranty of course ) ?

BCH by Not applicable
  • 2533 Views
  • 1 replies
  • 0 Likes

Virtual-wire active/passive HA issue

Hello!

We are testing out a topology in the lab, with 2 PA-2020 in an active/passive HA cluster. They are between 2 pairs of Cisco switches and should play a role of redundant in-line firewalls. The connection to the switches is with FO modules on por

...

cannot block hotspot shield

HI

it seems it has became vey diffcult to block hotspot shield , even though the application is being idenfied by palo alto , still hot spot finds it way by port 80 . is there any way to block hot spot shield.Also From IPAD/IPHONE it is easily connect

...

shabeerc by L2 Linker
  • 6938 Views
  • 7 replies
  • 0 Likes

Resolved! User-ID agent , custom agent sequence or agent priority.

Hello,

I know PANOS-5.0 provide custom agent sequence function.

Does PANOS-4.1  have same function such as custom agent sequence or agent priority???

I use two User-ID agent.

Does Palo Alto Device receive ip-user mapping information from all(two) agents

...

Globalprotect and Lenovo/Stoneware's Lanschool

Good morning, all!

For the past several months, we've had an ongoing issue with our student's take-home 1:1 netbooks.  Once they attach to the globalprotect portal/gateway, they won't work with LanSchool any longer.

First, the environment background:

PA

...

bau55536 by L0 Member
  • 2819 Views
  • 2 replies
  • 0 Likes
  • 24118 Posts
  • 117 Subscriptions
Top Solution Authors
Labels